Spring Security 3.1

More Information
Learn
  • Understand common security vulnerabilities and how to resolve them
  • Implement authentication and authorization
  • Learn to utilize existing corporate infrastructure such as LDAP, Active Directory, Kerberos, and CAS
  • Integrate with popular frameworks such as Spring, JSF, GWT, Maven, and Spring Roo
  • Architect solutions that leverage the full power of Spring Security while remaining loosely coupled
  • Implement common scenarios such as supporting existing user stores, user sign up, and supporting AJAX requests
About

Knowing that experienced hackers are itching to test your skills makes security one of the most difficult and high-pressure concerns of creating an application. The complexity of properly securing an application is compounded when you must also integrate this factor with existing code, new technologies, and other frameworks. Use this book to easily secure your Java application with the tried and trusted Spring Security framework, a powerful and highly customizable authentication and access-control framework.

"Spring Security 3.1" is an incremental guide that will teach you how to protect your application from malicious users. You will learn how to cleanly integrate Spring Security into your application using the latest technologies and frameworks with the help of detailed examples.

This book is centred around a security audit of an insecure application and then modifying the sample to resolve the issues found in the audit.

The book starts by integrating a variety of authentication mechanisms. It then demonstrates how to properly restrict access to your application. It concludes with tips on integrating with some of the more popular web frameworks. An example of how Spring Security defends against session fixation, moves into concurrency control, and how you can utilize session management for administrative functions is also included.

"Spring Security 3.1" will ensure that integrating with Spring Security is seamless from start to finish.

Features
  • Learn to leverage the power of Spring Security to keep intruders at bay through simple examples that illustrate real world problems
  • Each sample demonstrates key concepts allowing you to build your knowledge of the architecture in a practical and incremental way
  • Filled with samples that clearly illustrate how to integrate with the technologies and frameworks of your choice
Page Count 456
Course Length 13 hours 40 minutes
ISBN 9781849518260
Date Of Publication 26 Dec 2012

Authors

Peter Mularien

Peter Mularien is an experienced software architect and engineer and the author of the book Spring Security 3, Packt Publishing. Peter currently works for a large financial services company and has over 12 years of consulting and product experience in Java, Spring, Oracle, and many other enterprise technologies. He is also the reviewer of this book.

Robert Winch

Robert Winch is currently a senior software engineer at VMware and is the project lead of the Spring Security framework. In the past, he has worked as a software architect at Cerner, the largest provider of electronic medical systems in the US, securing healthcare applications. Throughout his career, he has developed hands-on experience integrating Spring Security with an array of security standards (that is, LDAP, SAML, CAS, OAuth, and so on). Before he was employed at Cerner, he worked as an independent web contractor in proteomics research at Loyola University Chicago and on the Globus Toolkit at Argonne National Laboratory.